Threat Detection Analyst - Cybersecurity

Next Link
Sant Cugat del Vallès, Spain
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Sant Cugat del Vallès, Spain

Tech stack

Microsoft Windows
API
Bash
Cloud Computing
Computer Security
Linux
Intrusion Detection and Prevention
Intrusion Detection Systems
Python
Network Security
Log Analysis
Packet Analyzer
PowerShell
Systems Integration
Wireshark
Scripting (Bash/Python/Go/Ruby)
MITRE ATT&CK
Malware
Cyber Threat Analysis
Firewalls (Computer Science)
Cybercrime

Job description

We are looking for a Threat Detection Analyst to join our team and work 100% on the cybersecurity program of one of our top global clients in the pharmaceutical sector. In this role, you will analyze, detect, and mitigate cyber threats targeting large-scale enterprise environments. You will design and implement advanced detection mechanisms to proactively identify malicious activity across on-premise, cloud, and hybrid infrastructures, ensuring robust protection for a highly regulated and mission-critical global ecosystem. You will work closely with the Threat Intelligence, Security Operations, and Incident Response teams to stay ahead of the evolving threat landscape and strengthen the overall security posture of our pharma client.

Key Responsibilities

  • Develop, refine, and maintain advanced detection rules (including Microsoft XDR).
  • Monitor, analyze, and validate security alerts, logs, and behavioral anomalies.
  • Research emerging threats, techniques, and TTPs to enhance detection coverage.
  • Tune and optimize existing detection logic to reduce false positives and increase visibility.
  • Build automated workflows and integrations using APIs and scripting languages.
  • Collaborate with Threat Intelligence, SOC, IR, IT, and Risk Management teams.
  • Document detection logic, analysis steps, and findings for technical and non-technical audiences.

Requirements

  • At least 3-5 years of experience in cybersecurity roles such as Threat Hunter, Detection Engineer, or Threat Analyst.
  • Strong background with EDR solutions (SentinelOne, CrowdStrike, FortiEDR, Defender for Endpoint).
  • Knowledge of behavioral analytics and anomaly detection methodologies.
  • Experience with MITRE ATT&CK, D3FEND, and other threat intelligence frameworks.
  • Scripting in Python, PowerShell, or Bash for automation and tooling development.
  • Hands-on experience integrating tools and workflows using APIs.
  • Strong understanding of cloud and network security, firewalls, IDS/IPS, and packet analysis.
  • Advanced knowledge of Windows and Linux internals, log analysis, and common attack vectors.
  • Familiarity with tools such as Zeek, Falco, OSQuery, Wireshark, and malware analysis techniques.

Soft Skills & Competencies

  • Strong communication skills for documenting detection logic and presenting findings clearly.
  • Excellent analytical thinking and problem-solving abilities in complex threat scenarios.
  • High attention to detail when creating and tuning detections.
  • Adaptability and continuous learning mindset to keep up with evolving threats and technologies.
  • Effective collaboration with cross-functional cybersecurity and IT teams.

English: High level required. Hybrid model: Onsite presence in Sant Cugat once per month.